Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

AIP-SSM How to Verify Traffic is being passed for inspection?

"show conf" command on my AIP SSM CLI. gigabitEthernet0/1 backplane interface of the SSM has not been assigned to virtual sensor vs0.but

Through this command show service-policy

traffic is recevied by IPS Module.why this,

Kindly guide me

3 REPLIES
Cisco Employee

Re: AIP-SSM How to Verify Traffic is being passed for inspection

show service-policy will show you packets being sent to the module, however if you have NOT assigned the backplance interface to VS0 then no action would be taken on those packets

New Member

Re: AIP-SSM How to Verify Traffic is being passed for inspection

Thanks,i got it.

Cinet-IPS1# show statistics virtual-sensor

Virtual Sensor Statistics

Statistics for Virtual Sensor vs0

Name of current Signature-Defintion instance = sig0

Name of current Event-Action-Rules instance = rules0

List of interfaces monitored by this virtual sensor = GigabitEthernet0/1 subinterface 0

General Statistics for this Virtual Sensor

Number of seconds since a reset of the statistics = 434653

SensorApp Memory Use Percentage = 33

Processing Load Percentage = 1

Total packets processed since reset = 1722

Total IP packets processed since reset = 1722

Total IPv4 packets processed since reset = 1722

Total IPv6 packets processed since reset = 0

Total IPv6 AH packets processed since reset = 0

Total IPv6 ESP packets processed since reset = 0

Total IPv6 Fragment packets processed since reset = 0

Total IPv6 Routing Header packets processed since reset = 0

Total IPv6 ICMP packets processed since reset = 0

Total packets that were not IP processed since reset = 0

Total TCP packets processed since reset = 1466

Total UDP packets processed since reset = 0

Total ICMP packets processed since reset = 256

Total packets that were not TCP, UDP, or ICMP processed since reset = 0

Total ARP packets processed since reset = 0

Cisco Employee

Re: AIP-SSM How to Verify Traffic is being passed for inspection

use the following command

(config)# service analysis-engine

virtual-sensor vs0

(config-ana-vir)# physical-interface gigabitEthernet0/1

Now do show statistics virtual-sensor it should show gig0/1 assigned

198
Views
0
Helpful
3
Replies
CreatePlease to create content